Hacking Archives - Page 344 of 971

Pierluigi Paganini April 22, 2021

Trend Micro flaw actively exploited in the wild

Cybersecurity firm Trend Micro revealed that a threat actor is actively exploiting a flaw, tracked as CVE-2020-24557, in its antivirus solutions to gain admin rights on Windows systems. Security solutions one again are used as attack vectors by threat actors, this time cybersecurity company Trend Micro revealed that attackers are actively exploiting a vulnerability, tracked as CVE-2020-24557, […]

Pierluigi Paganini April 21, 2021

3 Zero-Day in SonicWall Enterprise Email Security Appliances actively exploited

Security vendor SonicWall has addressed three zero-day vulnerabilities affecting both its on-premises and hosted Email Security products. SonicWall is warning its customers to update their hosted and on-premises email security products to address three zero-day vulnerabilities that are being actively exploited in the wild. The three vulnerabilities addressed by the security vendor are: CVE-2021-20021: Email Security Pre-Authentication Administrative […]

Pierluigi Paganini April 21, 2021

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

At least one China-linked APT group exploited a new zero-day flaw in Pulse Secure VPN equipment to break into the networks of US defense contractors. According to coordinated reports published by FireEye and Pulse Secure, two hacking groups have exploited a new zero-day vulnerability in Pulse Secure VPN equipment to break into the networks of US defense contractors […]

Pierluigi Paganini April 20, 2021

Hacking a X-RAY Machine with WHIDelite & EvilCrowRF

The popular cyber security expert Luca Bongiorni demonstrated how to hack an X-Ray Machine using his WHIDelite tool. Recently I bought a X-RAY machine from China to have some ghetto-style desktop setup in order to inspect/reverse engineer some PCBs and hardware implants. The first thing striked my curiosity, even before purchasing it, was its remote. […]

Pierluigi Paganini April 20, 2021

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

North Korea-linked Lazarus APT group is abusing bitmap (.BMP) image files in a recent spear-phishing campaign targeting entities in South Korea. Experts from Malwarebytes have uncovered a spear-phishing attack conducted by a North Korea-linked Lazarus APT group that obfuscated a malicious code within a bitmap (.BMP) image file. The malicious code within the bitmap image […]

Pierluigi Paganini April 20, 2021

Watch out, hackers can take over your Cosori Smart Air Fryer

Watch out, hackers could breach into your house by exploiting two remote code execution (RCE) vulnerabilities in the Cosori Smart Air Fryer. Security experts from Cisco Talos have found two remote code execution (RCE) vulnerabilities in the Cosori Smart Air Fryer. The Cosori Smart Air Fryer is an appliance with smart capabilities that cooks food […]

Pierluigi Paganini April 20, 2021

WeChat users targeted by hackers using recently disclosed Chromium exploit

Threat actors used the Chrome exploit publicly disclosed last week in attacks aimed at WeChat users in China, researchers warn. China-based firm Qingteng Cloud Security, reported that threat actors weaponized the recently disclosed Chrome exploit to target WeChat users in China. According to the researchers, the attacks only targeted users of the WeChat Windows app. The […]

Pierluigi Paganini April 19, 2021

Experts demonstrated how to hack a utility and take over a smart meter

Researchers from the FireEye’s Mandiant team have breached the network of a North American utility and turn off one of its smart meters. Over the years, the number of attacks against ICS/SCADA systems used by industrial organizations worldwide has rapidly increased. Many security firms highlighted the risks related to attacks targeting OT networks used in […]

Pierluigi Paganini April 19, 2021

Codecov was a victim of a supply chain attack

The software company Codecov suffered a security breach, threat actors compromised the supply chain of one of its tools. A new supply chain attack made the headlines, the software company Codecov recently disclosed a major security breach after a threat actor compromised its infrastructure to inject a credentials harvester code to one of its tools […]

Pierluigi Paganini April 17, 2021

6 out of 11 EU agencies running Solarwinds Orion software were hacked

SolarWinds supply chain attack also impacted six European Union institutions, European Commissioner for Budget and Administration confirmed. European Commissioner for Budget and Administration Johannes Hahn confirmed the hack of some EU agencies as result of the SolarWinds supply chain attack in a response to a question filed by an EU Parliament member in February 2021. […]

Hacking

Trend Micro flaw actively exploited in the wild

3 Zero-Day in SonicWall Enterprise Email Security Appliances actively exploited

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

Hacking a X-RAY Machine with WHIDelite & EvilCrowRF

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

Watch out, hackers can take over your Cosori Smart Air Fryer

WeChat users targeted by hackers using recently disclosed Chromium exploit

Experts demonstrated how to hack a utility and take over a smart meter

Codecov was a victim of a supply chain attack

6 out of 11 EU agencies running Solarwinds Orion software were hacked

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Qilin ransomware claimed responsibility for the attack on the beer giant Asahi

DragonForce, LockBit, and Qilin, a new triad aims to dominate the ransomware landscape

DraftKings thwarts credential stuffing attack, but urges password reset and MFA

Redis patches 13-Year-Old Lua flaw enabling Remote Code Execution

U.S. CISA adds Synacor Zimbra Collaboration Suite (ZCS) flaw to its Known Exploited Vulnerabilities catalog

QUICK LINKS

Hacking

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!